invalid_grant error and refresh tokens
830 views
Skip to first unread message
Евгений Куртов
Oct 2, 2013, 10:20:59 AM10/2/13
to google-analytics...@googlegroups.com
Hello! I'm emplementing service to service application: a weekly report generator using ruby and google-client-api library.
Everytghing was fine except for today when querying stopped working with error "invalid_grant". Here is my code:
class GoogleClient attr_reader :credentials, :client def initialize(credentials) @credentials = credentials @client = Google::APIClient.new() fetch_api_token! end def fetch_api_token! # Load our credentials for the service account key = Google::APIClient::KeyUtils.load_from_pkcs12(credentials['key_file'], credentials['key_secret']) @client.authorization = Signet::OAuth2::Client.new( :token_credential_uri => 'https://accounts.google.com/o/oauth2/token', :audience => 'https://accounts.google.com/o/oauth2/token', :scope => 'https://www.googleapis.com/auth/analytics.readonly', :issuer => credentials['service_account_email'], :signing_key => key) # Request a token for our service account @client.authorization.fetch_access_token! end end
I checked time like https://developers.google.com/analytics/devguides/reporting/core/v2/gdataAuthentication#helpme suggests and it was correct, so syncing with ntp didn't solve the error.
The things that I really do not understand:
The things that I really do not understand:
1) does my application use refresh token? if so do I need to store it and reuse for every request?
2) do I need to use A JWT authorization instead of signet for service-to-service application? again, do I need to deal with refresh token - store it and supply with every request with JWT authorization?
2) do I need to use A JWT authorization instead of signet for service-to-service application? again, do I need to deal with refresh token - store it and supply with every request with JWT authorization?
Евгений Куртов
Oct 2, 2013, 10:21:37 AM10/2/13
to google-analytics...@googlegroups.com
and how to fix this invlaid_grant error? :)
среда, 2 октября 2013 г., 17:20:59 UTC+3 пользователь Евгений Куртов написал:
среда, 2 октября 2013 г., 17:20:59 UTC+3 пользователь Евгений Куртов написал:
Pete
Oct 7, 2013, 11:08:27 AM10/7/13
to google-analytics...@googlegroups.com
It looks like you read https://developers.google.com/analytics/devguides/reporting/core/v2/gdataAuthentication#helpme and it's not a ntp sync issue but the other reason it lists is that you may be requesting too many refresh tokens. You only need 1 refresh token and then you can use that to fetch as many access tokens as needed.
These flows are explained here:
Reply all
Reply to author
Forward
0 new messages